I just installed Joomla and one of the things that came up during the install was to set the ftp username and password to allow Joomla to transfer files to and from the filesystem.
I left it blank as I didn’t know what to fill in or how to set up a ftp user in Linux. As expected I am unable to upload any extensions to Joomla. It throws up a “Failed to move file” error.
How do I set up a ftp user in openSUSE and what permissions should I allow it to have in order for Joomla to work? Is it as simple as going to YAST>User and Group Management and just creating an user and assigning it to the ftp group?
I saw that too when I was doing a Joomla installation for a client.
I believe it’s a feature that’s provided by Joomla itself and doesn’t involve the Linux authentication. So you would have to read the Joomla doco. Also if you have a firewall, particularly a NAT border firewall, there would probably also be hassles with the port forwarding rules for FTP, which is traditionally problematic for firewalls because it involves two ports, one of which is transmitted inside the command stream at connection establishment time.
I didn’t enable for my client because I have already set up a more secure sftp (over ssh) system for them. Also the ssh protocol is easy to port forward.
I’m installing joomla so I can build and test a website locally and I’ll be the only user using it. It will not be open for access from the outside.
I am trying to install extension through the admin page. I guess I have a permissions problem with writing to the joomla folder. How do I give the correct permissions to the apache user?
I saw that too when I was doing a Joomla installation for a client.
I believe it’s a feature that’s provided by Joomla itself and doesn’t involve the Linux authentication. So you would have to read the Joomla doco. Also if you have a firewall, particularly a NAT border firewall, there would probably also be hassles with the port forwarding rules for FTP, which is traditionally problematic for firewalls because it involves two ports, one of which is transmitted inside the command stream at connection establishment time.
I didn’t enable for my client because I have already set up a more secure sftp (over ssh) system for them. Also the ssh protocol is easy to port forward.
During the install when it prompted for the ftp user details, it said due to the way permissions are handled on the Linux / Unix filesystems, that joomla requires an ftp user to transfer files to and from the filesystem. It said if you are installing on Windows that it’s not necessary. I took that to mean that a local ftp user account would need to be created.
However if I can just assign the necessary permission to Apache then that would be better I think.
And for further testing, if you decided to install another joomla site locally, you can also change the default apache user to your current user, by editing /etc/apache2/uid.conf
Simply put the extension in the appropriate Joomla folders and use chown (with the recursive option -R if necessary) to change the ownership to wwwrun, which is the account that Apache runs as. Also check that it has write permission to owner.
The ftp upload is only a convenience for people who want to upload using a ftp client. If you have access to the command line, it’s just as easy to deposit the files there directly.
I do not recommend using mode 777 or changing the uid of the Apache process.
I really need to get to grips with Linux permissions because it seems to be the root of most of my problems :disapointed:
I’m a little confused now as conflicting advice is being offered. I appreciate the suggestions being offered and clearly there are differeing opinions as to what is correct / acceptable or not. I’m trying to get my head around this. On my local system (localhost), I am unable to install extension, modules, templates, etc through the Joomla web admin page. I cannot make changes to the joomla global site configuration from the joomla web admin page. However, on my host with the live site I can do all those things. So what’s different? It seems my local server is not properly configured. It doesn’t make sense to have to keep changing permissions to install components or make site configuration changes.
The advice is against using mode 777 or changing the uid of Apache. So what is the best way for me to set things so I can use Joomla on localhost without having to manually change permissions to folders and files before wantting to install a component or make a global site config change?
You can change the ownership of the Joomla directories and files to wwwrun and then you will be able to modify things through the web interface.
Once your site is bedded down though, it would be additional security to change the ownership away to some other account so that the site cannot be defaced through any latent bug in the Joomla code that takes advantage of being able to write to the installation files. (Yes, web apps do remain a large area of vulnerability for servers.) Any areas that are used for uploads (e.g. pictures, attachments, etc) should however remain writable to Apache.
You could also enable the FTP feature, since it shouldn’t be an issue if you are accessing it internally. But you still have to make the Joomla directories owned by wwwrun for FTP to be able to write there. I can’t tell you how to get the Joomla FTP feature working though, I didn’t use it.